UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must prevent unauthorized and unintended information transfer via shared system resources.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233128 SRG-APP-000243-CTR-000600 SV-233128r879649_rule Medium
Description
The container platform makes host system resources available to container services. These shared resources, such as the host system kernel, network connections, and storage, must be protected to prevent unauthorized and unintended information transfer. The protections must be implemented for users and processes acting on behalf of users.
STIG Date
Container Platform Security Requirements Guide 2023-06-05

Details

Check Text ( C-36064r601754_chk )
Review the container platform architecture documentation to find out if and how it protects the resources of one process or user (such as working memory, storage, host system kernel, network connections) from unauthorized access by another user or process.

If the container platform configuration settings do not effectively implement these protections to prevent unauthorized access by another user or process, this is a finding.
Fix Text (F-36032r601862_fix)
Deploy a container platform capable of effectively protecting the resources of one process or user from unauthorized access by another user or process. Configure the container platform to effectively protect the resources of one process or user from unauthorized access by another user or process. The container security solution should help the user understand where the code in the environment was deployed from, and provide controls that prevent deployment from untrusted sources or registries.